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REMARKS 



Claims 1-20 are pending in this application. Claims 1 1-20 are allowed over the prior 
art of record. Claims 2-5 and 7 are merely objected to as being dependent upon the rejected 
base claim, but have been indicated to be otherwise allowable over the prior art of record. 
Claims 1, 6, and 8-10 stand rejected, and are at issue herein. 

The Applicant wishes to thank the Examiner for consideration and examination of the 
claims of this application. The Applicant acknowledges the Examiner's indication of the 
allowability of claims 1 1-20 over the prior art of record. However, the Applicant respectfully 
traverses the Examiner's statement in paragraph 2.1 of the Official Action to the extent that it 
differs from a mere restatement of the claim language. The Applicant further respectfully 
traverses the Examiner's statement and reasoning insofar as they would lead to or suggest, if 
at all, an interpretation of the claimed invention different from the full extent of claim scope 
afforded thereto by the established law and in the absence of the statement in paragraph 2.1 . 

The Examiner has rejected claims 1, 6, and 8-10 under 35 U.S.C. § 102(a) as being 
anticipated by Denker (U.S. Patent No. 5,958,053). The Applicant has fully studied, this.; - 
Denker '053 reference and the Examiner's rationale for this ground of rejection, butmusf * 
respectfully traverse this ground of rejection. Reconsideration of this ground of rejection and 
indication of the allowance of claims 1, 6, and 8-10 at an early date in view of the following 
remarks are respectfully solicited. 

Independent claim 1, from which each of the rejected claims depend requires, inter 
alia, "allocating a small TCP control block (TCB) to service a TCP/IP three-way handshake." 
As is well-known in the art and as is specifically recognized in the Denker '053 reference, the 
allocation of a TCB utilizes memory resources. Indeed, Denker '053 states that a server 
typically allocates "in memory a full blown transmission control block after receiving a SYN 
message to store all the required information for the connection with the expectation that the 
incipient connection will soon become a fully established connection." Denker '053, column 
2, lines 60-67. 

While independent claim 1 requires the allocation of a small TCB to service the 
TCP/IP three-way handshake, the protocols of Denker '053 specifically require that no 
memory resources be allocated for the incipient connection. Specifically, Denker '053, 
column 7, lines 31-36 specifies "after receiving the SYN message of step 1020C, server 110 
performs only the minimal communication and computation, and allocates no memory 
resources for the incipient connection. " (emphasis added). Denker '053 continues in column 
9, lines 37-42, "as compared to TCP, TCP2B provides an improved defense against SYN 
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flooding because server 100 (under TCP2B) does not allocate any memory resources for the 
connection until server 110 determines that the message of step 3040C passes the appropriate 
mathematical (i.e., cryptologic) test." (emphasis added). As is clear from these quoted 
sections from Denker '053, the TCB2B protocol described in this reference specifically 
requires that no memory resources be allocated until after the connection is validated contrary 
to the requirement of claim 1. ' 

Denker '053 also describes a second protocol, TCP2E, that utilizes a Friends Table to 
determine whether or not a connection request should be completed. However, in this second 
protocol, Denker '053 also requires that no memory resources be allocated until the 
connection is determined to be valid. Specifically, Denker, column 12, lines 29-34, states "at 
step 215 of FIG. 7 (after server 1 10 determines that the client's address is not on the server's 
Friends Table), server 110 performs only the minimal communication and computation, and 
allocates no memory resources for the requested connection." (emphasis added). Denker 
'053 continues at lines 52-57 "at this point server 1 10 need not allocate memory to store its 
acknowledgement number $c, client 105's IP address or port, client 105's initial sequence 
• number (400 in step 1020E of FIG. 6), client 105's window size, client 105's requested^ ^< 
options, or other information regarding the requested connection." (emphasis added). In / 
summary, Denker '053 states in column 15, lines 23-27 "the TCP2E protocol offers a greatly 
improved defense to a SYN flood attack as compared to TCP because a transmission control 
block will not be allocated upon receipt of a SYN message unless the client's address is on 
the server's Friends Table." 

In addition to these two first-level protocols, Denker '053 also describes a second- 
level protocol that operates to determine which of the two first-level protocols should be 
used. However, this second-level protocol operates under standard TCP until it determines 
that the server is under an SYN flood attack. Specifically, Denker '053 explains, beginning in 
column 15, line 66 and continuing to column 16, line 5 "If at step 310 of FIG. 8, server 1 10 
determines that it is not under attack (i.e., the above described ratio is not below the 
threshold), then server 1 10 implements standard TCP, with no defense measures. In other 
words, server 1 10 can allocate computational resources, communication resources, and a full 
transmission control block in response to receiving each request for a TCP connection (SYN 
message). " This operation is clearly contrary to the system and method of the present 
invention, and in fact allows the server to come under a SYN flood attack until a certain 
threshold is exceeded. Once the threshold is exceeded, the second-level protocol operates to 
determine whether TCP2B or TCP2E should be implemented. However, as described above, 
each of these two first-level protocols requires that no memory resources be allocated until 
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the connection request is verified. As such, the Applicant respectfully submits that Denker 
'053 cannot anticipate independent claim 1 which re quires the step of allocating a small TCP 
c ontrol block (TCB) to service a TCP/IP three-waY iiandshake. Reconsideration of this 
ground of rejection of independent claim 1, and dependent claims 6 and 8-10 are therefore 
respectfully solicited. 

The Examiner has objected to claims 2-5 and 7 as being dependent upon a rejected 
base claim, but has indicated that these claims would be allowable if rewritten in independent 
form including all of the limitations of the base claim and any intervening claims. The 
Applicant respectfully submits that he has adopted the Examiner's suggestion and has 
amended claim 2 to independent form (claims 3-5 being dependent therefrom), and has 
amended claim 7 to independent form, including all the limitations of the base claim and any 
intervening claims. The Applicant now believes that claims 2-5 and 7 are in condition for 
allowance. Confirmation of same in view of the adoption of the Examiner's suggestion is 
therefore respectfully solicited. 



Conclusion ' < 

In view of the above the Applicant respectfully submits that claims 1-20 are in 
condition for allowance, claims 1 1-20 and 2-5 and 7 having previously been indicated as 
being allowable over the prior art of record. Reconsideration of this application and 
indication of the allowability of claims 1-20 at an early date are respectfully solicited. 

If the Examiner believes that a telephonic conversation will aid in the resolution of 
any issues not resolved herein, the Examiner is invited to contact the Applicant's attorney at 
the telephone number listed below. 
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